1
0
Fork 0
mirror of https://github.com/ansible-collections/community.general.git synced 2024-09-14 20:13:21 +02:00

[PR #5934/78297e44 backport][stable-6] Fix keycloak sanitize_cr (#6036)

Fix keycloak sanitize_cr (#5934)

* Fix keycloak sanitize_cr

* Update changelogs/fragments/5934-fix-keycloak-sanitize_cr.yml

Co-authored-by: Felix Fontein <felix@fontein.de>

---------

Co-authored-by: Claude Dioudonnat <claude.dioudonnat@be-ys.cloud>
Co-authored-by: Felix Fontein <felix@fontein.de>
(cherry picked from commit 78297e44b7)

Co-authored-by: Claude Dioudonnat <claude@dioudonnat.fr>
This commit is contained in:
patchback[bot] 2023-02-22 15:23:33 +01:00 committed by GitHub
parent 2181c2b090
commit 3ecbadf694
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 4 additions and 1 deletions

View file

@ -0,0 +1,2 @@
bugfixes:
- "keycloak_client - fix accidental replacement of value for attribute ``saml.signing.private.key`` with ``no_log`` in wrong contexts (https://github.com/ansible-collections/community.general/pull/5934)."

View file

@ -712,6 +712,7 @@ end_state:
from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, camel, \ from ansible_collections.community.general.plugins.module_utils.identity.keycloak.keycloak import KeycloakAPI, camel, \
keycloak_argument_spec, get_token, KeycloakError keycloak_argument_spec, get_token, KeycloakError
from ansible.module_utils.basic import AnsibleModule from ansible.module_utils.basic import AnsibleModule
import copy
def normalise_cr(clientrep, remove_ids=False): def normalise_cr(clientrep, remove_ids=False):
@ -750,7 +751,7 @@ def sanitize_cr(clientrep):
:param clientrep: the clientrep dict to be sanitized :param clientrep: the clientrep dict to be sanitized
:return: sanitized clientrep dict :return: sanitized clientrep dict
""" """
result = clientrep.copy() result = copy.deepcopy(clientrep)
if 'secret' in result: if 'secret' in result:
result['secret'] = 'no_log' result['secret'] = 'no_log'
if 'attributes' in result: if 'attributes' in result: